Day: June 23, 2021

Categories
Fraud Eats Strategy

Keeping Criminality Out of the Casino

Las Vegas has come to symbolize the commercialization of gambling. Casino gaming has become an extension of the global hospitality and tourism business While the mob may not be the factor it once was, criminals are still attracted to casinos and as a result, illicit money still finds its way into casinos banks despite their devotion of considerable compliance and anti-money laundering resources designed at keeping it out. Financial crisis aside, casinos are the most profitable and desirable centerpieces of global hotel and casino gaming empires.

>

Join us each week as we take a deep dive into the various forms of fraud across the world and discuss crime families, penny stock boiler rooms, international money launderers, narco-traffickers, oligarchs, dictators, warlords, kleptocrats and more.

Scott Moritz is a leading authority on white-collar crime, anti-corruption, and in the evaluation, design, remediation, implementation, and administration of corporate compliance programs, codes of conduct. He is also considered an authority in the establishment, training, and oversight of the investigative protocols carried out by financial intelligence, corporate security, and internal audit units.
 

Categories
Compliance Kitchen

EU and US Trade Agreement on Boeing and Airbus


The EU and US reach an agreement on the ongoing WTO Boeing-Airbus dispute; FEMA eases up on some export restrictions of PPE.

Categories
Great Women in Compliance

Lloydette Bai Marrow, the Compliance Entrepreneur


Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley. In this episode, Lisa speaks with Lloydette Bai Marrow, who is the Founder and Principal Consultant of ParaMetric Global Consulting.  Lloydette is based in London, and prior to starting ParaMetric, she was a Principal Investigative Lawyer within the UK Government’s Serious Fraud Office, and a prosecutor in various UK governmental agencies.
Lloydette comes from a very entrepreneurial family and took that mindset and her own experience to build her consultancy. She talks about how she identified what she wanted to do when she left the SFO, and how she and ParaMetric have grown. In particular, she talks about how her experience as a prosecutor has been a great asset, but also how she has adapted to collaborating with organizations in her current role. On the other side, she has used her experience to train investigators and prosecutors in Sierra Leone and globally to help build stronger anti-corruption prosecutions.
The Great Women in Compliance Podcast is proudly featured on the Compliance Podcast Network and sponsored by Corporate Compliance Insights. If you enjoyed this episode please subscribe to the podcast and rate it on your podcast player to help other compliance professionals find it.
For those of you in the northern hemisphere, it is the season for beach reads and you may be traveling after a long break. For your time off, you can pick up a copy (or download) “Sending the Elevator Back Down: What We’ve Learned from Great Women in Compliance” (CCI Press, 2020).
If you’ve already read the booked and liked it, will you help out other women to make the decision to leverage off the tips and advice given by rating the book and giving it a glowing review on Amazon?
As always, we are so grateful for all of your support and if you have any feedback or suggestions for our 2021 line up or would just like to reach out and say hello, we always welcome hearing from our listeners.
You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.
Join the Great Women in Compliance community on LinkedIn here.

Categories
Innovation in Compliance

A Progressive and Humble Leadership to Cybersecurity with Joseph Davis


 
Joseph Davis, Microsoft’s Chief Security Advisor for Health and Life Sciences, is a trained medical practitioner, but his professional background is “almost 100% IT and cybersecurity.” He has always been interested in technology: in medical school he helped develop a program to assist clinicians in diagnosing their patients more accurately. He joins Tom Fox on Day 3 of Microsoft Week to talk about the role of cybersecurity in life sciences and the traits cybersecurity professionals need to do their jobs effectively.
 

 
The Role of Cybersecurity
Tom asks, “What is the role of cybersecurity in the healthcare life science industry today?” Joseph responds that it’s a must-have since this industry is considered critical infrastructure. People’s lives depend on keeping systems and processes safe from cyber attacks, he points out. Most medical devices now have communication components such as WiFi or Bluetooth – these are called connected medical devices – so they are vulnerable to cybersecurity breaches which can cause them to malfunction. Joseph tells Tom that it’s more imperative now for providers in the healthcare industry to vet their supply chain, but smaller companies may not have the resources to do so, leaving them more vulnerable to bad actors.
 
Serve with Humility
Cybersecurity affects every department, so leaders need to get everyone on board. This requires humility, diplomacy and flexibility, Joseph says. Tom asks him to talk about his blog post, Ego and the Role of Cybersecurity Leaders, and why you have to take ego out of the equation. “I like to serve humbly,” he responds. “The focus really needs to be on protecting the organization and safety… I think when we’re so focused on where we are in our career… our focus gets distorted.” Tom comments that most cybersecurity professionals he knows have a calm disposition. He asks why this is necessary and helpful in the role. You have to keep a cool head, Joseph answers. Bad things are going to happen, and many things will be out of your control, so you have to be flexible. “Control lightly” those things that you can control, and always remember that you’re working with a team. Tom quotes Joseph’s blog, “Every trust decision is a risk management exercise.” They agree that every decision – in life and in cybersecurity – carries some form of risk and is founded on trust of the outside world.
 
Keeping Clients Up-to-Date
Joseph says that his role at Microsoft is “to work exclusively with senior leaders at each of one of my customers to bring them up to speed on the modern workplace and how we’re approaching cybersecurity in the more hybrid environment that we’re living in now.” He finds that while some customers are eager to embrace innovation, others are entrenched in their traditional methods. “The problem with many of the customers that we have currently is that their approach is fighting the last attack or the last type of compromise that they had; whereas their threat actors are constantly evolving and finding new ways in,” he tells Tom. He and Tom discuss whether the defense and depth approach still has value. Joseph comments that identity has to be considered as well: “Attackers these days they’re not really breaking in as much as logging on,” he remarks. He advocates for computer-aided interventions and data encryption as the last facet of security. “You can’t rely on the user to be your last line of defense,” he emphasizes.
 
Listen here to Microsoft Week episode 1, featuring Alan Gibson, Director of Legal and Compliance Innovation at Microsoft.
 
Listen here to Microsoft Week episode 2, featuring Abbas Kudrati, Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group.
 
Tune in tomorrow for episode 4 featuring Erica Toelle.
 
Resources
Joseph Davis at LinkedIn 
Microsoft Security Blog 
Blog post: Ego and the Role of Cybersecurity Leaders
 

Categories
Compliance Into the Weeds

Disclosures of Cyber Security Disclosure Failures


Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. This week Matt and Tom take a deep dive into a lesson learned long ago by the Nixon Administration, adapted for 21st century cybersecurity. It’s not just the breach, it is not disclosing the breach to authorities and investors for which companies get in hot water. Some of the issues we consider are:

  • What are your reporting obligations after a breach?
  • Why is the SEC interested in how you inform investors?
  • Why does the legal department want to hide any breaches?
  • What are the costs for failure to disclose?
  • What does this mean for compliance going forward?

Resources
Matt in Radical Compliance
Example of Cybersecurity Disclosure Failures

Categories
Daily Compliance News

June 23, 2021 the No Marriage? edition

In today’s edition of Daily Compliance News:

  • Engine No. 1 Board nominees overwhelmingly won. (HoustonChronicle)
  • Will FTC block marriage of James Bond and Amazon? (WSJ)
  • Airlines face backlash. (NYT)
  • Home of Wirecard ex-chair raided. (FT)